Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/96WT5FytarZ05IjRuFbC54RPoZ0.roa
File: 96WT5FytarZ05IjRuFbC54RPoZ0.roa (raw, json)
Hash identifier: 5ug8siROjy4VLZIuvuNaCChigNtUitO0ITOEkGJ9SYA=
Subject key identifier: F7:A5:93:E4:5C:AD:6A:B6:74:E4:88:D1:B8:56:C2:E7:84:4F:A1:9D
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 018CC5DD37C69D0578774CDD110067FC3354
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/96WT5FytarZ05IjRuFbC54RPoZ0.roa
Signing time: Mon 01 Jan 2024 16:30:58 +0000
ROA not before: Mon 01 Jan 2024 16:30:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16347
IP address blocks: 5.182.252.0/22 maxlen: 24
212.51.160.0/19 maxlen: 24
91.103.232.0/21 maxlen: 24
45.142.172.0/22 maxlen: 24
128.127.128.0/20 maxlen: 24
149.255.136.0/22 maxlen: 24
149.255.136.0/21 maxlen: 24
37.58.128.0/17 maxlen: 24
81.22.216.0/21 maxlen: 24
193.108.197.0/24 maxlen: 24
185.67.88.0/22 maxlen: 24
103.77.32.0/22 maxlen: 24
146.247.88.0/21 maxlen: 24
103.232.172.0/22 maxlen: 24
178.249.160.0/21 maxlen: 24
185.42.132.0/22 maxlen: 24
213.151.166.0/24 maxlen: 24
213.151.172.0/23 maxlen: 24
103.229.36.0/23 maxlen: 24
213.151.171.0/24 maxlen: 24
213.151.168.0/23 maxlen: 24
37.18.160.0/20 maxlen: 24
213.151.174.0/24 maxlen: 24
213.151.175.0/24 maxlen: 24
91.217.94.0/23 maxlen: 24
62.102.224.0/19 maxlen: 24
185.208.248.0/22 maxlen: 24
185.65.224.0/22 maxlen: 24
92.61.72.0/21 maxlen: 24
109.69.192.0/21 maxlen: 24
94.127.8.0/21 maxlen: 24
185.204.140.0/22 maxlen: 24
185.79.148.0/22 maxlen: 24
46.20.160.0/20 maxlen: 24
213.108.64.0/21 maxlen: 24
109.237.240.0/20 maxlen: 24
188.66.56.0/22 maxlen: 24
2a03:4c00::/29 maxlen: 48
2a01:728::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 20 Feb 2024 16:22:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:37:c6:9d:05:78:77:4c:dd:11:00:67:fc:33:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Jan 1 16:30:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7a593e45cad6ab674e488d1b856c2e7844fa19d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:49:bc:9c:0b:2e:9a:e3:d7:6a:7b:e0:37:17:
55:29:bb:09:83:fd:ff:8e:48:9f:53:8b:a8:1d:b8:
55:42:9e:cb:54:fd:d3:45:00:6c:26:d5:39:38:a5:
5c:54:ed:05:e4:96:6f:67:6c:be:13:a2:48:9e:4d:
e1:52:9b:62:6b:ae:4d:6c:36:68:f8:6d:7c:4b:b1:
25:46:16:0b:dd:92:ea:1a:8d:35:7c:d0:89:87:35:
11:d4:3a:91:84:98:c6:7a:66:e3:15:88:72:91:cf:
fa:74:96:69:cc:25:3a:02:19:13:38:f9:b6:1b:63:
3f:47:7f:4e:3b:cb:90:bc:06:05:5a:7e:28:a8:90:
85:43:e9:38:1b:b3:7d:06:e5:47:cd:b1:27:fe:b8:
d9:98:c9:dc:93:64:2a:4e:1c:16:f3:43:ec:78:7a:
7c:74:72:49:2d:58:c0:30:e4:71:ab:d8:96:db:09:
ff:f7:03:bb:93:97:7c:06:24:07:6b:95:36:f7:9d:
49:7b:1e:1b:be:a5:83:c0:8e:fe:94:3c:d0:3b:c0:
e5:9d:c6:0b:73:d2:d0:fc:df:c9:dd:d6:38:2a:f1:
4b:0d:34:0c:d6:c8:71:cb:64:e6:4c:59:ef:67:06:
d4:b1:d4:9b:b0:8f:16:a5:ca:02:8f:06:c3:03:36:
6c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:A5:93:E4:5C:AD:6A:B6:74:E4:88:D1:B8:56:C2:E7:84:4F:A1:9D
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/96WT5FytarZ05IjRuFbC54RPoZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.252.0/22
37.18.160.0/20
37.58.128.0/17
45.142.172.0/22
46.20.160.0/20
62.102.224.0/19
81.22.216.0/21
91.103.232.0/21
91.217.94.0/23
92.61.72.0/21
94.127.8.0/21
103.77.32.0/22
103.229.36.0/23
103.232.172.0/22
109.69.192.0/21
109.237.240.0/20
128.127.128.0/20
146.247.88.0/21
149.255.136.0/21
178.249.160.0/21
185.42.132.0/22
185.65.224.0/22
185.67.88.0/22
185.79.148.0/22
185.204.140.0/22
185.208.248.0/22
188.66.56.0/22
193.108.197.0/24
212.51.160.0/19
213.108.64.0/21
213.151.166.0/24
213.151.168.0/23
213.151.171.0-213.151.175.255
IPv6:
2a01:728::/29
2a03:4c00::/29
Signature Algorithm: sha256WithRSAEncryption
52:11:ab:c7:44:c4:5d:da:0f:50:0b:88:48:81:31:52:24:35:
c5:e6:8f:eb:98:f8:19:23:84:c1:91:97:db:0d:36:7d:4f:a3:
84:98:b7:79:43:d6:15:5d:d4:4d:0d:38:8b:09:21:34:68:67:
85:db:4d:b3:2a:24:2c:08:01:33:ea:4b:84:42:ff:70:d4:ae:
29:71:a7:d1:31:72:b4:46:3c:35:a5:91:f0:b4:60:0b:22:bb:
ed:54:58:b6:16:d2:28:88:cc:ec:3c:5e:b5:d2:4e:ef:07:34:
32:67:b4:07:e5:2a:7c:04:0c:55:d7:72:52:24:1f:1a:b6:ea:
bc:8e:31:d1:3a:09:f6:6f:17:08:1a:c7:9d:15:5b:90:41:7c:
1b:88:ad:eb:25:24:60:87:a1:40:fb:a9:02:32:41:84:4e:36:
70:54:aa:3f:17:e5:92:cf:98:3c:76:67:da:c3:53:c6:b9:95:
57:83:73:c8:d8:28:7f:20:fc:5a:fb:2c:d2:cb:8b:ab:49:01:
08:1f:7d:75:2f:f6:c7:01:2e:de:26:ed:68:6a:73:dc:ce:f9:
eb:b9:88:1b:16:ad:7e:30:f2:cc:75:0a:35:15:73:9a:8d:2f:
fb:cf:42:41:e3:d4:ad:c8:9b:80:b4:db:46:54:fe:0c:54:2b:
83:6a:f3:64
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAYzF3TfGnQV4d0zdEQBn/DNUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjQwMTAxMTYzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2E1OTNlNDVjYWQ2YWI2NzRlNDg4ZDFiODU2YzJlNzg0NGZhMTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUm8nAsumuPXanvgNxdVKbsJg/3/
jkifU4uoHbhVQp7LVP3TRQBsJtU5OKVcVO0F5JZvZ2y+E6JInk3hUptia65NbDZo
+G18S7ElRhYL3ZLqGo01fNCJhzUR1DqRhJjGembjFYhykc/6dJZpzCU6AhkTOPm2
G2M/R39OO8uQvAYFWn4oqJCFQ+k4G7N9BuVHzbEn/rjZmMnck2QqThwW80PseHp8
dHJJLVjAMORxq9iW2wn/9wO7k5d8BiQHa5U2951Jex4bvqWDwI7+lDzQO8DlncYL
c9LQ/N/J3dY4KvFLDTQM1shxy2TmTFnvZwbUsdSbsI8WpcoCjwbDAzZsWwIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFPelk+RcrWq2dOSI0bhWwueET6GdMB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvOTZXVDVGeXRhclowNUlqUnVGYkM1NFJQb1owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2ItNjFlN2Y0MGQ1ZGQ2
LzEvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgdUEAgABMIHOAwQC
Bbb8AwQEJRKgAwQHJTqAAwQCLY6sAwQELhSgAwQFPmbgAwQDURbYAwQDW2foAwQB
W9leAwQDXD1IAwQDXn8IAwQCZ00gAwQBZ+UkAwQCZ+isAwQDbUXAAwQEbe3wAwQE
gH+AAwQDkvdYAwQDlf+IAwQDsvmgAwQCuSqEAwQCuUHgAwQCuUNYAwQCuU+UAwQC
ucyMAwQCudD4AwQCvEI4AwQAwWzFAwQF1DOgAwQD1WxAAwQA1ZemAwQB1ZeoMAwD
BADVl6sDBATVl6AwFAQCAAIwDgMFAyoBBygDBQMqA0wAMA0GCSqGSIb3DQEBCwUA
A4IBAQBSEavHRMRd2g9QC4hIgTFSJDXF5o/rmPgZI4TBkZfbDTZ9T6OEmLd5Q9YV
XdRNDTiLCSE0aGeF202zKiQsCAEz6kuEQv9w1K4pcafRMXK0Rjw1pZHwtGALIrvt
VFi2FtIoiMzsPF610k7vBzQyZ7QH5Sp8BAxV13JSJB8atuq8jjHROgn2bxcIGsed
FVuQQXwbiK3rJSRgh6FA+6kCMkGETjZwVKo/F+WSz5g8dmfaw1PGuZVXg3PI2Ch/
IPxa+yzSy4urSQEIH311L/bHAS7eJu1oanPczvnruYgbFq1+MPLMdQo1FXOajS/7
z0JB49StyJuAtNtGVP4MVCuDavNk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:04 2024 by rpki-client on console-ams.rpki-client.org